1.0.6

CHANGELOG.md

@@ -4,6 +4,23 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 
 
+## [1.0.6 / 5.55.6] - 2021-12-??
+
+### Added
+- replaced open with with a sandboxie dialog to work on win 10 [#1138](https://github.com/sandboxie-plus/Sandboxie/issues/1138)
+- added ability to run store apps in app container mode, requirers COM to be open
+- added new debug options "UnstrippedToken=y" and "KeepUserGroup=y"
+- added double click to recovery window [#1466](https://github.com/sandboxie-plus/Sandboxie/issues/1466)
+
+### Changed
+- "UseSbieWndStation=y" is now the default behavioure [#1442](https://github.com/sandboxie-plus/Sandboxie/issues/1442)
+
+### Fixed
+- fixed box initialization issue in privacy mode [#1469](https://github.com/sandboxie-plus/Sandboxie/issues/1469)
+- fixed issue creating shortcuts introduced in a recent build [#1471](https://github.com/sandboxie-plus/Sandboxie/issues/1471)
+
+
+
 
 ## [1.0.5 / 5.55.5] - 2021-12-25
 

Sandboxie/apps/start/rundlg.cpp

@@ -509,11 +509,23 @@ INT_PTR RunDialogProc(
             SetDlgItemText(hwnd, IDCANCEL, SbieDll_FormatMessage0(MSG_3002));
             SetDlgItemText(hwnd, IDBROWSE, SbieDll_FormatMessage0(MSG_3003));
 
-            SetDlgItemText(hwnd, IDRUNDLGTEXT,
+            extern BOOL execute_open_with;
+            if (execute_open_with)
+            {
+                SetDlgItemText(hwnd, IDRUNDLGTEXT,
+                           SbieDll_FormatMessage0(MSG_3107));
+
+                extern PWSTR ChildCmdLine;
+                SetDlgItemText(hwnd, IDRUNDLGTEXT2, ChildCmdLine);
+            }
+            else
+            {
+                SetDlgItemText(hwnd, IDRUNDLGTEXT,
                            SbieDll_FormatMessage0(MSG_3103));
 
-            SetDlgItemText(hwnd, IDRUNDLGTEXT2,
+                SetDlgItemText(hwnd, IDRUNDLGTEXT2,
                            SbieDll_FormatMessage0(MSG_3104));
+            }
 
             //
             // position window

Sandboxie/apps/start/start.cpp

@@ -81,6 +81,7 @@ BOOL run_mail_agent = FALSE;
 BOOL display_run_dialog = FALSE;
 BOOL display_start_menu = FALSE;
 BOOL execute_auto_run = FALSE;
+BOOL execute_open_with = FALSE;
 BOOL run_elevated_2 = FALSE;
 BOOL disable_force_on_this_program = FALSE;
 BOOL auto_select_default_box = FALSE;
@@ -388,6 +389,7 @@ BOOL Parse_Command_Line(void)
     static const WCHAR *mail_agent        = L"mail_agent";
     static const WCHAR *run_dialog        = L"run_dialog";
     static const WCHAR *start_menu        = L"start_menu";
+    static const WCHAR *open_with         = L"open_with";
     static const WCHAR *auto_run          = L"auto_run";
     static const WCHAR *mount_hive        = L"mount_hive";
     static const WCHAR *delete_sandbox    = L"delete_sandbox";
@@ -757,6 +759,27 @@ BOOL Parse_Command_Line(void)
 
         return TRUE;
 
+    // show open with dialog
+
+    } else if (wcsncmp(cmd, open_with, wcslen(open_with)) == 0) {
+
+        /*if (! SbieApi_QueryProcessInfo(
+                        (HANDLE)(ULONG_PTR)GetCurrentProcessId(), 0)) {
+            // this is the instance of Start.exe outside the sandbox
+            // so just resend the start_menu command line to the
+            // instance that will restart in the sandbox
+            ChildCmdLine = cmd;
+
+        }*/
+
+        execute_open_with = TRUE;
+
+        DWORD len = wcslen(open_with) + 1;
+        ChildCmdLine = MyHeapAlloc((wcslen(cmd) - len) * sizeof(WCHAR));
+        wcscpy(ChildCmdLine, cmd + len);
+
+        return TRUE;
+
     // run auto start entries
 
     } else if (wcsncmp(cmd, auto_run, wcslen(auto_run)) == 0) {
@@ -1690,9 +1713,20 @@ int __stdcall WinMainCRTStartup(
 
     while (1) {
 
-        if (display_run_dialog) {
+        if (display_run_dialog || execute_open_with) {
             MyCoInitialize();
-            ChildCmdLine = DoRunDialog(GetModuleHandle(NULL));
+            WCHAR* CmdLine = DoRunDialog(GetModuleHandle(NULL));
+            if (! ChildCmdLine)
+                ChildCmdLine = CmdLine;
+            else { // execute_open_with
+                WCHAR* FilePath = ChildCmdLine;
+                DWORD len = wcslen(CmdLine) + 1 + wcslen(FilePath) + 16;
+                ChildCmdLine = MyHeapAlloc(len * sizeof(WCHAR));
+                wsprintf(ChildCmdLine, L"%s %s", CmdLine, FilePath);
+                MyHeapFree(CmdLine);
+                MyHeapFree(FilePath);
+            }
+
         } else if (display_start_menu) {
             if (! ChildCmdLine)
                 ChildCmdLine = DoStartMenu();

Sandboxie/common/my_version.h

@@ -21,8 +21,8 @@
 #ifndef _MY_VERSION_H
 #define _MY_VERSION_H
 
-#define MY_VERSION_BINARY       5,55,5
-#define MY_VERSION_STRING       "5.55.5"
+#define MY_VERSION_BINARY       5,55,6
+#define MY_VERSION_STRING       "5.55.6"
 #define MY_VERSION_COMPAT		"5.55.0" // this refers to the driver ABI compatibility
 
 // These #defines are used by either Resource Compiler, or by NSIC installer

Sandboxie/core/dll/custom.c

@@ -43,6 +43,7 @@ static BOOLEAN  DisableWerFaultUI(void);
 static BOOLEAN  EnableMsiDebugging(void);
 static BOOLEAN  Custom_EnableBrowseNewProcess(void);
 static BOOLEAN  Custom_DisableBHOs(void);
+static BOOLEAN  Custom_OpenWith(void);
 static HANDLE   OpenExplorerKey(
                     HANDLE ParentKey, const WCHAR *SubkeyName, ULONG *error);
 static void     DeleteShellAssocKeys(ULONG Wow64);
@@ -71,9 +72,9 @@ _FX BOOLEAN CustomizeSandbox(void)
     // customize sandbox if we need to
     //
 
-    if (GetSetCustomLevel(0) != '1') {
+    Key_CreateBaseKeys();
 
-        Key_CreateBaseKeys();
+    if (GetSetCustomLevel(0) != '2') {
 
         Custom_CreateRegLinks();
         DisableDCOM();
@@ -85,8 +86,10 @@ _FX BOOLEAN CustomizeSandbox(void)
         Custom_EnableBrowseNewProcess();
         DeleteShellAssocKeys(0);
         Custom_DisableBHOs();
+        if (Dll_OsBuild >= 8400) // only on win 8 and later
+            Custom_OpenWith();
 
-        GetSetCustomLevel('1');
+        GetSetCustomLevel('2');
 
         //
         // process user-defined AutoExec settings
@@ -132,6 +135,8 @@ _FX UCHAR GetSetCustomLevel(UCHAR SetLevel)
 
         wcscpy(path, L"\\registry\\user\\");
         wcscat(path, Dll_SidString);
+        //wcscpy(path, Dll_BoxKeyPath);
+        //wcscat(path, L"\\user\\current");
         wcscat(path, L"\\software\\SandboxAutoExec");
 
         RtlInitUnicodeString(&uni, path);
@@ -438,6 +443,110 @@ _FX BOOLEAN EnableMsiDebugging(void)
 }
 
 
+//---------------------------------------------------------------------------
+// Custom_OpenWith
+// 
+// Replace open With dialog as on Win10 it requirers UWP support
+//---------------------------------------------------------------------------
+
+
+_FX BOOLEAN Custom_OpenWith(void)
+{
+    NTSTATUS status;
+    OBJECT_ATTRIBUTES objattrs;
+    UNICODE_STRING uni;
+    HANDLE hKeyRoot;
+    HANDLE hKey;
+    HANDLE hKeyCL;
+
+    ULONG OpenWithSize = (wcslen(Dll_BoxName) + 128) * sizeof(WCHAR);
+    WCHAR* OpenWithStr = Dll_AllocTemp(OpenWithSize);
+    OpenWithStr[0] = L'\"';
+    wcscpy(&OpenWithStr[1], Dll_HomeDosPath);
+    wcscat(OpenWithStr, L"\\" START_EXE L"\" open_with \"%1\"");
+    OpenWithSize = (wcslen(OpenWithStr) + 1) * sizeof(WCHAR);
+
+    // Open HKLM
+    RtlInitUnicodeString(&uni, Custom_PrefixHKLM);
+    InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL);
+    if (NtOpenKey(&hKeyRoot, KEY_READ, &objattrs) == STATUS_SUCCESS)
+    {
+        // open Classes key
+        RtlInitUnicodeString(&uni, L"SOFTWARE\\Classes");
+        InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyRoot, NULL);
+        if (Key_OpenOrCreateIfBoxed(&hKeyCL, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
+        {
+            // open/create Undecided\shell\open\command key
+            RtlInitUnicodeString(&uni, L"Undecided\\shell\\open\\command");
+            InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
+            if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
+            {
+                // set @ = "..."
+                RtlInitUnicodeString(&uni, L"");
+                status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
+
+                RtlInitUnicodeString(&uni, L"DelegateExecute");
+                NtDeleteValueKey(hKey, &uni);
+
+                NtClose(hKey);
+            }
+
+            // open/create Unknown\shell\Open\command key
+            RtlInitUnicodeString(&uni, L"Unknown\\shell\\Open\\command");
+            InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
+            if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
+            {
+                // set @ = "..."
+                RtlInitUnicodeString(&uni, L"");
+                status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
+
+                RtlInitUnicodeString(&uni, L"DelegateExecute");
+                NtDeleteValueKey(hKey, &uni);
+
+                NtClose(hKey);
+            }
+
+            // open/create Unknown\shell\openas\command key
+            RtlInitUnicodeString(&uni, L"Unknown\\shell\\openas\\command");
+            InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
+            if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
+            {
+                // set @ = "..."
+                RtlInitUnicodeString(&uni, L"");
+                status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
+
+                RtlInitUnicodeString(&uni, L"DelegateExecute");
+                NtDeleteValueKey(hKey, &uni);
+
+                NtClose(hKey);
+            }
+
+            // open/create Unknown\shell\OpenWithSetDefaultOn\command key
+            RtlInitUnicodeString(&uni, L"Unknown\\shell\\OpenWithSetDefaultOn\\command");
+            InitializeObjectAttributes(&objattrs, &uni, OBJ_CASE_INSENSITIVE, hKeyCL, NULL);
+            if (Key_OpenOrCreateIfBoxed(&hKey, KEY_ALL_ACCESS, &objattrs) == STATUS_SUCCESS)
+            {
+                // set @ = "..."
+                RtlInitUnicodeString(&uni, L"");
+                status = NtSetValueKey(hKey, &uni, 0, REG_SZ, (BYTE *)OpenWithStr, OpenWithSize);
+
+                RtlInitUnicodeString(&uni, L"DelegateExecute");
+                NtDeleteValueKey(hKey, &uni);
+
+                NtClose(hKey);
+            }
+
+            NtClose(hKeyCL);
+        }
+        NtClose(hKeyRoot);
+    }
+
+    Dll_Free(OpenWithStr);
+
+    return TRUE;
+}
+
+
 //---------------------------------------------------------------------------
 // DisableWerFaultUI
 //

Sandboxie/core/dll/guienum.c

@@ -244,7 +244,7 @@ _FX BOOLEAN Gui_InitEnum(void)
     // raises an error when CreateDesktop is call.  This hook
     // is removed for chrome.  See advapi.c: AdvApi_GetSecurityInfo
 
-    if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", FALSE) && 
+    if (!Config_GetSettingsForImageName_bool(L"UseSbieWndStation", TRUE) && 
         (Dll_ImageType != DLL_IMAGE_GOOGLE_CHROME) &&
         (Dll_ImageType != DLL_IMAGE_MOZILLA_FIREFOX)) {
         SBIEDLL_HOOK_GUI(CreateDesktopW);

Sandboxie/core/dll/key.c

@@ -4300,7 +4300,10 @@ _FX void Key_CreateBaseKeys()
     UNICODE_STRING objname;
     WCHAR* base_keys[] = {
         L"\\machine\\system", L"\\machine\\software",
-        L"\\user\\current\\software", L"\\user\\current_Classes", NULL};
+        L"\\user\\current\\software", L"\\user\\current_Classes",
+        L"\\machine\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer",
+        L"\\user\\current\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer",
+        NULL};
 
     //
     // in privacy mode we need to pre create some keys or else the box initialization will fail

Sandboxie/core/dll/ldr_init.c

@@ -182,6 +182,10 @@ _FX void Ldr_LoadInjectDlls(BOOLEAN bHostInject)
     WCHAR *dllname = Dll_AllocTemp(MAX_PATH * 2 * sizeof(WCHAR));
     ULONG index = 0;
 
+    //
+    // We also end up here form host injection mode so Dll_HomeDosPath is not available
+    //
+
     WCHAR *path = Dll_AllocTemp(1024 * sizeof(WCHAR));
     SbieApi_GetHomePath(NULL, 0, path, 1020);
 

Sandboxie/core/drv/key_flt.c

@@ -274,6 +274,15 @@ _FX NTSTATUS Key_Callback(void *Context, void *Arg1, void *Arg2)
         pRemainingName = &RemainingName;
     }
 
+    //
+    // Store app container support
+    //
+
+    if (Driver_OsVersion >= DRIVER_WINDOWS_10) {
+        if (_wcsnicmp(pRemainingName->Buffer, proc->box->key_path + 9, (proc->box->key_path_len - (sizeof(WCHAR) * (9 + 1))) / sizeof(WCHAR)) == 0) // +9 skip \REGISTRY, +1 don't compare '\0'
+            return STATUS_SUCCESS;
+    }
+
     //
     // call Key_MyParseProc_2
     //